2025-02-26 13:04:55 +01:00
|
|
|
// GoToSocial
|
|
|
|
|
// Copyright (C) GoToSocial Authors admin@gotosocial.org
|
|
|
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
|
//
|
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
// (at your option) any later version.
|
|
|
|
|
//
|
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
|
//
|
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
|
|
package util
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"strings"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Scope string
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
/* Sub-scopes / scope components */
|
|
|
|
|
|
|
|
|
|
scopeAccounts = "accounts"
|
2025-03-17 15:06:17 +01:00
|
|
|
scopeApplications = "applications"
|
2025-02-26 13:04:55 +01:00
|
|
|
scopeBlocks = "blocks"
|
|
|
|
|
scopeBookmarks = "bookmarks"
|
|
|
|
|
scopeConversations = "conversations"
|
|
|
|
|
scopeDomainAllows = "domain_allows"
|
|
|
|
|
scopeDomainBlocks = "domain_blocks"
|
|
|
|
|
scopeFavourites = "favourites"
|
|
|
|
|
scopeFilters = "filters"
|
|
|
|
|
scopeFollows = "follows"
|
|
|
|
|
scopeLists = "lists"
|
|
|
|
|
scopeMedia = "media"
|
|
|
|
|
scopeMutes = "mutes"
|
|
|
|
|
scopeNotifications = "notifications"
|
|
|
|
|
scopeReports = "reports"
|
|
|
|
|
scopeSearch = "search"
|
|
|
|
|
scopeStatuses = "statuses"
|
|
|
|
|
|
|
|
|
|
/* Top-level scopes */
|
|
|
|
|
|
|
|
|
|
ScopeProfile Scope = "profile"
|
|
|
|
|
ScopePush Scope = "push"
|
|
|
|
|
ScopeRead Scope = "read"
|
|
|
|
|
ScopeWrite Scope = "write"
|
|
|
|
|
ScopeAdmin Scope = "admin"
|
|
|
|
|
ScopeAdminRead Scope = ScopeAdmin + ":" + ScopeRead
|
|
|
|
|
ScopeAdminWrite Scope = ScopeAdmin + ":" + ScopeWrite
|
|
|
|
|
|
|
|
|
|
/* Granular scopes */
|
|
|
|
|
|
|
|
|
|
ScopeReadAccounts Scope = ScopeRead + ":" + scopeAccounts
|
|
|
|
|
ScopeWriteAccounts Scope = ScopeWrite + ":" + scopeAccounts
|
2025-03-17 15:06:17 +01:00
|
|
|
ScopeReadApplications Scope = ScopeRead + ":" + scopeApplications
|
|
|
|
|
ScopeWriteApplications Scope = ScopeWrite + ":" + scopeApplications
|
2025-02-26 13:04:55 +01:00
|
|
|
ScopeReadBlocks Scope = ScopeRead + ":" + scopeBlocks
|
|
|
|
|
ScopeWriteBlocks Scope = ScopeWrite + ":" + scopeBlocks
|
|
|
|
|
ScopeReadBookmarks Scope = ScopeRead + ":" + scopeBookmarks
|
|
|
|
|
ScopeWriteBookmarks Scope = ScopeWrite + ":" + scopeBookmarks
|
|
|
|
|
ScopeWriteConversations Scope = ScopeWrite + ":" + scopeConversations
|
|
|
|
|
ScopeReadFavourites Scope = ScopeRead + ":" + scopeFavourites
|
|
|
|
|
ScopeWriteFavourites Scope = ScopeWrite + ":" + scopeFavourites
|
|
|
|
|
ScopeReadFilters Scope = ScopeRead + ":" + scopeFilters
|
|
|
|
|
ScopeWriteFilters Scope = ScopeWrite + ":" + scopeFilters
|
|
|
|
|
ScopeReadFollows Scope = ScopeRead + ":" + scopeFollows
|
|
|
|
|
ScopeWriteFollows Scope = ScopeWrite + ":" + scopeFollows
|
|
|
|
|
ScopeReadLists Scope = ScopeRead + ":" + scopeLists
|
|
|
|
|
ScopeWriteLists Scope = ScopeWrite + ":" + scopeLists
|
|
|
|
|
ScopeWriteMedia Scope = ScopeWrite + ":" + scopeMedia
|
|
|
|
|
ScopeReadMutes Scope = ScopeRead + ":" + scopeMutes
|
|
|
|
|
ScopeWriteMutes Scope = ScopeWrite + ":" + scopeMutes
|
|
|
|
|
ScopeReadNotifications Scope = ScopeRead + ":" + scopeNotifications
|
|
|
|
|
ScopeWriteNotifications Scope = ScopeWrite + ":" + scopeNotifications
|
|
|
|
|
ScopeWriteReports Scope = ScopeWrite + ":" + scopeReports
|
|
|
|
|
ScopeReadSearch Scope = ScopeRead + ":" + scopeSearch
|
|
|
|
|
ScopeReadStatuses Scope = ScopeRead + ":" + scopeStatuses
|
|
|
|
|
ScopeWriteStatuses Scope = ScopeWrite + ":" + scopeStatuses
|
|
|
|
|
ScopeAdminReadAccounts Scope = ScopeAdminRead + ":" + scopeAccounts
|
|
|
|
|
ScopeAdminWriteAccounts Scope = ScopeAdminWrite + ":" + scopeAccounts
|
|
|
|
|
ScopeAdminReadReports Scope = ScopeAdminRead + ":" + scopeReports
|
|
|
|
|
ScopeAdminWriteReports Scope = ScopeAdminWrite + ":" + scopeReports
|
|
|
|
|
ScopeAdminReadDomainAllows Scope = ScopeAdminRead + ":" + scopeDomainAllows
|
|
|
|
|
ScopeAdminWriteDomainAllows Scope = ScopeAdminWrite + ":" + scopeDomainAllows
|
|
|
|
|
ScopeAdminReadDomainBlocks Scope = ScopeAdminRead + ":" + scopeDomainBlocks
|
|
|
|
|
ScopeAdminWriteDomainBlocks Scope = ScopeAdminWrite + ":" + scopeDomainBlocks
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Permits returns true if the
|
|
|
|
|
// scope permits the wanted scope.
|
|
|
|
|
func (has Scope) Permits(wanted Scope) bool {
|
|
|
|
|
if has == wanted {
|
2025-03-03 16:03:36 +01:00
|
|
|
// Exact match on either a
|
|
|
|
|
// top-level or granular scope.
|
2025-02-26 13:04:55 +01:00
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2025-03-03 16:03:36 +01:00
|
|
|
// Ensure we have a
|
|
|
|
|
// known top-level scope.
|
|
|
|
|
switch has {
|
|
|
|
|
|
|
|
|
|
case ScopeProfile,
|
|
|
|
|
ScopePush,
|
|
|
|
|
ScopeRead,
|
|
|
|
|
ScopeWrite,
|
|
|
|
|
ScopeAdmin,
|
|
|
|
|
ScopeAdminRead,
|
|
|
|
|
ScopeAdminWrite:
|
|
|
|
|
// Check if top-level includes wanted,
|
|
|
|
|
// eg., have "admin", want "admin:read".
|
|
|
|
|
return strings.HasPrefix(string(wanted), string(has)+":")
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
// Unknown top-level scope,
|
|
|
|
|
// can't permit anything.
|
|
|
|
|
return false
|
|
|
|
|
}
|
2025-02-26 13:04:55 +01:00
|
|
|
}
|
